<?php
require('my_ui.inc');
require('my_cn.inc');
require('my_db.inc');
ui_print_header('login');
if(isset($_POST['login'])){
	$posts = $_POST;
	foreach ($posts as $key => $value)
	{
		$posts[$key] = trim($value);
	}
	$username=$posts['uname'];
	$password=$posts['password'];
	if(verify_login($username,$password)){
		echo '<p>'.$username.' login successfully, </p>';
		session_start();
		$_SESSION['admin']=true;
		$_SESSION['user']=$username;
	}
	else{
		echo '<p>login unsuccessfully, </p>';
		echo '<p>click <a href="login.php">here</a> to retry </p>';
	}
}
else{
	ui_print_login_form($_SERVER['SCRIPT_NAME']);
}
ui_print_footer(date('Y-m-d H:i:s'));
function verify_login($user,$pass){
	$conn=db_connect($err);
	$query='SELECT PASSWORD
		FROM USERS
		WHERE UNAME=:uname';
	$bindargs=array();
	array_push($bindargs,array('uname',$user,-1));
	$r=db_do_query($conn,$query,OCI_FETCHSTATEMENT_BY_ROW,$err,$bindargs);
	//	var_dump($r);
	//	var_dump($pass);
	if($r[0]['PASSWORD']==$pass){
		return true;
	}
	else {
		return false;
	}
}
?>